3450b662e8adbff215aa05fdc3c8e3167819c672 |
|
26-Sep-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Allow connectivity-critical packets in data saver mode. This makes IPv6 work on metered wifi networks. Without this: 1. We reject incoming RAs, so we lose connectivity when the RA parameters expire. 2. We reject incoming NAs, so we get NUD failures. Bug: 66015813 Test: angler builds, boots Test: netd_{unit,integration}_test pass Test: CtsHostsideNetworkTests tests pass Change-Id: I033040ef0b91c22035e29c636123cd41ab1967ec Merged-In: I033040ef0b91c22035e29c636123cd41ab1967ec
/system/netd/server/BandwidthController.h
|
c61625942041127913de28ad0732b1ad2f6ef60b |
|
16-Jul-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Remove now-unused strncpyAndCheck. Test: bullhead-eng builds Change-Id: Idacfeb71c1f108d9f51ce6f509ae16dbba8a2c2b
/system/netd/server/BandwidthController.h
|
0ecddc0aa28d6caf0f7c61710ff9ce189980283c |
|
06-Jul-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Delete the last iptables commands in BandwidthController. Bug: 28362720 Test: netd_{unit,integration}_test pass Change-Id: I7e64747e3b933cdf1b76cd20356b9ff86015ec61
/system/netd/server/BandwidthController.h
|
d59526a685e883752ad2139ba870aea86dbbd104 |
|
28-Jun-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Refactor interface quota code before moving to iptables-restore. This change substantially refactors the interface and shared quota code in BandwidthController in preparation for making it use IptablesRestoreController. There should be no functional change. Bug: 28362720 Test: bullhead builds,boots Test: netd_{unit,integration}_test pass Test: quota rules are added and removed when quotas are enabled/disabled Change-Id: I7379fac58da4d98958bb050055a3c6bd7c617aa3
/system/netd/server/BandwidthController.h
|
ced1dd9b01e19f0e675357844fcb3cf9f1870e33 |
|
28-Jun-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Change list + manual search to set/map Continued incremental cleanup to simplify change to iptables restore. Rename some data members and switch to better data structures. Test: as follows - built - flashed - booted - "runtest -x .../netd_unit_test.cpp" passes - "runtest -x .../netd_integration_test.cpp" passes Bug: 28362720 Bug: 38143143 Change-Id: Iff231bf180f9195b01e09c5cb8c883c5d3f2852a
/system/netd/server/BandwidthController.h
|
bcad661ab90d5e4d04d41747d109f9c97c5f9490 |
|
30-May-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Modernize string handling in BandwidthController This change is preparation for removal of xt_quota2 in favor of NFLOG. Note that the scope of changes is mostly limited to mechanical single line changes from "const char*" to "const std::string&". Test: as follows - built - flashed - booted - "runtest -x .../netd_unit_test.cpp" passes - "runtest -x .../netd_integration_test.cpp" passes Bug: 38143143 Bug: 28362720 Change-Id: I56ba810ff6fa2f409e32d86508cfdb1a81a50a4e
/system/netd/server/BandwidthController.h
|
d9db08c4a12d6a2953b597d39bb3ac37c43d3658 |
|
28-Apr-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Simplify enums in BandwidthController. 1. Ensure that the code always uses all enum values. This provides a clear compile-time error if a passed-in enum value is not handled, and allows us to remove several default case labels and unreachable error logging code. 2. Factor out to common functions the code that converts enum values to parts of iptables command lines. Bug: 32073253 Test: netd_{unit,integration}_test pass Change-Id: I7136055100dc312fa7cb8bba5506fe86412b1f4d
/system/netd/server/BandwidthController.h
|
ce6748a3f656a206b4e85f48cda949bc152cf741 |
|
01-Feb-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables pipes when fetching tether counters. Tested using: adb shell ndc bandwidth gettetherstats adb shell iptables -nvx -L natctrl_tether_counters adb shell ip6tables -nvx -L natctrl_tether_counters Results: 114 0 wlan0 rmnet_data0 272883 2976 8624804 6032 200 0 Tethering stats list completed Chain natctrl_tether_counters (2 references) pkts bytes target prot opt in out source destination 2688 179096 RETURN all -- wlan0 rmnet_data0 0.0.0.0/0 0.0.0.0/0 5713 8351999 RETURN all -- rmnet_data0 wlan0 0.0.0.0/0 0.0.0.0/0 Chain natctrl_tether_counters (1 references) pkts bytes target prot opt in out source destination 288 93787 RETURN all wlan0 rmnet_data0 ::/0 ::/0 319 272805 RETURN all rmnet_data0 wlan0 ::/0 ::/0 Test: manual test described above Test: data usage increases by 10MB when downloading 10MB file Test: netd_unit_test passes Bug: 34873832 Change-Id: I32c4e750a4d3c379074cc13ab1302d51421860d2
/system/netd/server/BandwidthController.h
|
56c4b1eb7d15e55a4edb88cfc0d190d8817d1353 |
|
31-Jan-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables pipes in BandwidthController startup. Most of BandwidthController startup is already using iptables-restore, but some commands (notably listing the costly chains so they can be flushed by flushCleanTables) still use iptables. Move these to use execIptablesRestoreWithOutput. Test: netd_unit_test passes Bug: 34873832 Change-Id: Ib0741a99a2605cd6934186fd4e5364331a4eab5a
/system/netd/server/BandwidthController.h
|
7364b75ca058d34875eb3567a57bfd9c03628129 |
|
08-Jul-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Refactor getTetherStats in preparation for IPv6 tether counters. Bug: 9580643 Change-Id: I11565cafbefbc06a7992d1ff18c707165d5b31ed
/system/netd/server/BandwidthController.h
|
13debb8996ca9cd3ce5d7f2817fe19e5df148f08 |
|
27-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables-restore in BandwidthController startup. This saves approximately 800ms on boot. From the perspective of the rules, this change is a no-op. As the unit test shows, the commands are the same, though some are in a slightly different order because iptables-restore requires that COMMIT be called between different tables (e.g., filter and mangle). For simplicity, enableBandwidthControl runs two iptables-restore commands instead of one. This is not semantically different from the previous code because the previous code just ran iptables commands one by one, which provides no atomicity. Running two commands is a bit slower than running one, but it's still much faster than using iptables. Using iptables-restore allows us to do things like ":<chain> -", which both creates the chain (if it does not already exist) and flushes it. This allows us to remove IPT_CLEANUP_COMMANDS and IPT_SETUP_COMMANDS. Those two sets of commands, which basically just did "-X bw_<foo>" and "-N bw_<foo>" were only necessary because the preceding "-F bw_<foo>" command would not create bw_<foo> if it did not already exist (e.g. in setupIptablesHooks, which runs on netd startup). Bug: 21725996 Change-Id: I6656aed4287dfcb2311c94800f430c143fb0b1a5
/system/netd/server/BandwidthController.h
|
dedd271d9961dbe8b99ffa7d54ffd63ac326f866 |
|
21-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Add a binder RPC to enable/disable data saver. Bug: 26685616 Bug: 27506285 Change-Id: Id11ee717cfc1c79070b6bbec397986c25947646c
/system/netd/server/BandwidthController.h
|
86a4798264c9421cb02bc69836a323d918f73779 |
|
18-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Add a rudimentary unit test for BandwidthController. Bug: 26685616 Bug: 27506285 Change-Id: I4457abd43697a0425f167b81c1432d743800abb8
/system/netd/server/BandwidthController.h
|
7618ccb39a9e61b4b1e28e96394fd7097e62db8e |
|
17-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Slightly restructure the data saver iptables rules. 1. Make bw_costly_shared jump to bw_happy_box after bw_penalty_box. This allows the framework to manipulate whitelists and blacklists independently. 2. Make bw_happy box always whitelist system apps. Because bw_penalty_box is consulted before bw_happy_box, the framework can always blacklist certain system apps (e.g., the media server) by putting them in the blacklist. 3. Add a method to add/remove a reject at the end of bw_costly_shared. This will allow the framework to enable/disable data saver by changing only one rule. Bug: 26685616 Bug: 27506285 Change-Id: I67bff7c3c9ff5eb3f84fb84550cdf49f153e1b68
/system/netd/server/BandwidthController.h
|
a33d47992ca04eb3f911fa41ca9d3794f1986b27 |
|
17-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Remove the ability to enable/disable the happy box. This code is unused, and the plan is to have the happy box enabled at all times. Bug: 26685616 Bug: 27506285 Change-Id: Ie15b0775d535df7ca94547a7d8b8a5ed536e6dbd
/system/netd/server/BandwidthController.h
|
b1f0557b544cd5e689e013ff66591361d75ab1ff |
|
18-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Don't keep naughty/nice app state in BandwidthController. Copies of this state are already kept in NetworkManagementService, NetworkPolicyManagerService, and iptables rules. A third copy of this state is not necessary. Bug: 26685616 Bug: 27506285 Change-Id: I8dd9fc60a28804ec95660092b13a2895f7480f56
/system/netd/server/BandwidthController.h
|
69261cb65186e27dfbdc1e3eec796437f9968ff9 |
|
20-Jun-2014 |
JP Abgrall <jpa@google.com> |
server: check interface names in RPC arguments for validity This patch introduces a method isIfaceName that checks interface names from various RPCs for validity before e.g. using them as part of iptables arguments or in filenames. All of these RPC calls can only be called from applications with at least the CONNECTIVITY_INTERNAL permission in recent Android versions, so the impact of the missing checks luckily isn't very high. Orig-Author: Jann Horn <jann@thejh.net> Change-Id: I80df8d745a3de99ad02d6649f0d10562c81f6b98 Signed-off-by: JP Abgrall <jpa@google.com>
/system/netd/server/BandwidthController.h
|
f4cfad361175a7f9ccf4d41e76a9b289c3c3da22 |
|
21-May-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Move netd_client into netd. Change-Id: Ie4b6b303225c93f2448a503d6ea9cebb552cbad5
/system/netd/server/BandwidthController.h
|